0b924355c46e7110087ea94180b81d56

Sharing

Copy URL Twitter E-mail

General

Target

0b924355c46e7110087ea94180b81d56
Size

534KB
MD5

0b924355c46e7110087ea94180b81d56
SHA1

25ec09562667f4cc7824fcba88092b0e0431bd34
SHA256

aaa5c6fe8e38950f604d2a609f19879d80ddb3e282ed5b21448f04e5ebdf5a37
SHA512

9433a385d2930b5044b6dc53100acc8bf4f763bc6d359d97e1a4140e690c059d55f2eef928b74ee807d865d8442f5248b40da35bc493c887d35baf53d002b166
SSDEEP

12288:A+eZuvK/SoD89hZqCU/+uAzyhaTZoSzyffbwuz:ABZuvK/So89hRE+9YAZo2Ewq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b924355c46e7110087ea94180b81d56

Files

0b924355c46e7110087ea94180b81d56
.exe windows:4 windows x86 arch:x86

2c9875ab38a6fb6b6c2ea843e4cefe52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorW
PrintDlgW

kernel32

UnhandledExceptionFilter
SetLastError
EnumSystemLocalesA
GetTimeZoneInformation
FindResourceA
SetConsoleCtrlHandler
WideCharToMultiByte
EnterCriticalSection
MultiByteToWideChar
HeapDestroy
RtlUnwind
SetStdHandle
Sleep
TlsAlloc
TerminateProcess
GetConsoleOutputCP
IsDebuggerPresent
WriteFile
IsValidCodePage
FreeEnvironmentStringsA
GetStdHandle
GetVersionExA
QueryPerformanceCounter
EnumResourceNamesA
GetCommandLineA
GetTickCount
WriteConsoleW
InterlockedExchange
CloseHandle
HeapCreate
WriteConsoleA
CreateFileA
LoadLibraryA
GetFileType
GetModuleHandleA
GetCurrentProcess
SetHandleCount
GetSystemTimeAsFileTime
LeaveCriticalSection
IsValidLocale
GetCPInfo
GetCurrentProcessId
VirtualQuery
GetOEMCP
TlsGetValue
CompareStringA
GetLocaleInfoW
GetStringTypeA
VirtualAlloc
SetFilePointer
SetEnvironmentVariableA
ExitProcess
GetModuleFileNameA
GetUserDefaultLCID
CompareStringW
GetEnvironmentStringsW
GetLocaleInfoA
FreeLibrary
SetUnhandledExceptionFilter
VirtualFree
HeapReAlloc
HeapFree
GetLastError
TlsFree
GetProcessHeap
CreateMutexA
GetConsoleCP
GetStringTypeW
InitializeCriticalSection
ReadFile
GetTimeFormatA
OpenMutexA
HeapSize
GetACP
HeapAlloc
TlsSetValue
FlushFileBuffers
GetDateFormatA
LCMapStringA
LCMapStringW
GetConsoleMode
FreeEnvironmentStringsW
DeleteCriticalSection
GetProcAddress
GetEnvironmentStrings
InterlockedDecrement
GetCurrentThread
GetCurrentThreadId
GetStartupInfoA
InterlockedIncrement

gdi32

SetRectRgn
SelectPalette
GetLogColorSpaceW
SaveDC
OffsetWindowOrgEx
GetLogColorSpaceA

wininet

SetUrlCacheHeaderData
FtpCreateDirectoryW
InternetAlgIdToStringA
InternetReadFile

user32

TrackPopupMenu
SetUserObjectSecurity
WinHelpA
RegisterClassExA
GetMessagePos
RegisterClassA

comctl32

InitCommonControlsEx

advapi32

RegQueryValueW
CryptDestroyHash
CryptGetProvParam
CryptContextAddRef
RegSetValueExA
CryptEncrypt
RegCreateKeyW

Sections

.text
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c9875ab38a6fb6b6c2ea843e4cefe52

Headers

File Characteristics

Imports

comdlg32

kernel32

gdi32

wininet

user32

comctl32

advapi32

Sections

.text Size: 201KB - Virtual size: 201KB

.rdata Size: 9KB - Virtual size: 37KB

.data Size: 316KB - Virtual size: 315KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 201KB - Virtual size: 201KB

.rdata
Size: 9KB - Virtual size: 37KB

.data
Size: 316KB - Virtual size: 315KB

.rsrc
Size: 6KB - Virtual size: 5KB